Session

Agile Compliance and Risk Ops

Many organizations attempt to adopt DevOps and Agile practices only to crash against a compliance wall such as RMF, PCI-DSS, or even GDPR. Those who offer Agile management frequently want to sell you a brand. Even Gene Kim’s “The Unicorn Project” shows a security officer experiencing a complete breakdown before becoming a DevOps enthusiast. It’s not that hard. After being a Product Owner on an Agile team, I transferred to a security lead role, operating the Risk Management Framework with an org newly committed to Agile. My team worked through a mindset change without the breakdown, incorporating small compliance goals, integrating with developers, shifting security left, and building cooperative risk ownership. This session shares my experiences combining an Agile workplace with U.S. Government compliance in the hope of helping others.

Mark Peters

Director, Engineering Ops, BrainGu

San Antonio, Texas, United States
